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Box: Fee Amendment 

Assistant Commissioner of Patents 

P. O. Box 1450 

Alexandria, VA 22313-1450 

Dear Sir: 

Keegan F. O'Neill makes the following Declaration with regard to the Office Action issued 
June 20, 2005 in the above-identified patent application. 

1. I am an inventor named in this patent application. I have first-hand knowledge of the 
statements made herein and the documentation listed below. 

2. Attached hereto and made a part hereof as Exhibit 1 is a true copy of a Power Point 
presentation entitled ezRESET SELF-HELP SECURITY SOLUTIONS FOR FORGOTTEN 
PASSWORDS. The presentation was used to describe the claimed method. This presentation 
was given on a date prior to May 10, 2001 but after September 28, 2000. 

C:\Data\ClientsWIP\Decl of Prior Invent.VIP-101 .doc i 



PHONE NO. : 4S03995 



3. Attached hereto and made a parr hereof as Exhibit 2 is a true copy of 
INSTALLATION AND USER GUIDE for ezRESET RD1 (Version 1.0). This document was 
released to the public prior to May 10 9 2001 but after September 28 ; , 2000 and instructs users how 
to practice my claimed method. 

4. Attached hereto and made a part hereof a$ Exhibit 3 is a true copy of an e-mail 
communication entitled REMOTE DESKTOP INTERFACE which I prepared for my employer 
Vanguard Integrity Professionals-Nevada. This communication was originally prepared and 
modified on a date earlier than May 10, 2001 and refers to the steps for implementing the claimed 
method. 

5. My co-inventors and I conceived the method for enabling an original password to be 
reset on a host computer from a remote station as recited in Claims 1-6 of our pending patent 
application on a date earlier than May 1 0, 2001 . 

6. The remote desktop interface to which this patent application relates was completed 
and sent to a customer for testing in early 2001, but prior to May 10, 2001. 

7. All of the activities referred to herein took place in the United States or a NAFTA 
country (i.e., Canada). 

I hereby declare that all statements made herein of my own knowledge and belief are 
believed to be true; and further that these statements were made with the knowledge that wilful 
false statements and (he like so made are punishable by fine or imprisonment* or both, under 
Sectioo. 1001 of Title 18 of the United Stales Code and that such willful feise statements may 
jeopardize the validity of the application or any patent issued thereon. 
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ezRESET RDI™ 

Installation and User Guide 

Version 1 .0 



ezRESET RDI 



Version 1.0 

Document Number VZRR-051028-100U 

Copyright 

Copyright © 1997-2001 by Vanguard Integrity Professionals, Nevada. 
All rights reserved. Printed in the USA. 

No part of this publication may be copied, reproduced or transmitted in 
any form or by any means, electronic or mechanical, including 
photocopying, for any purpose other than the Licensee's personal use, 
without express written permission from Vanguard Integrity Professionals. 

Trademarks 

Vanguard Security Suite, Vanguard Administrator, Vanguard Advisor, 
Vanguard Analyzer, Vanguard Enforcer, Vanguard RioVision, Vanguard 
VIPMAIN, Vanguard ezRESET, Vanguard ezSIGNON, Vanguard ezAPI, 
VRA, VSR, VSA, Quality Security Framework, Quality Security/390 
Suite, QS/390, SmartPanel, SmartLink, Find-it-Fix-it-Fast, RiskMinder, 
Smart Assist, eDistribution, AutoPilot, Pathway to Profitability, 
Enterprise- Wise and Knowledge Expo are trademarks and service marks 
of Vanguard Integrity Professionals. 

OS/390, Security Server, RACF, DB2, CICS, IMS, JES and MVS/ESA 
are registered trademarks of International Business Machines Corporation. 

Microsoft®, Windows® and Windows NT® are registered trademarks of 
Microsoft Corporation. 

CA-TopSecret or CA-ACF2 are registered trademarks of Computer 
Associates International, Inc. 

All other products mentioned in this publication are trademarks of their 
respective companies. 

About this Product 

The software product accompanying this publication is developed by 
Vanguard Victoria Labs, Inc. wholly own subsidiary of Vanguard 
Integrity Professionals, Nevada. Please read the Evaluation Agreement 
and the Terms on the envelope containing the product before it is used. 

Warranty: Vanguard warrants that the licensed software will perform as 
specified in the product documentation and that this product is of 
professional quality, conforming to generally accepted practices within the 
data processing industry. Vanguard MAKES NO OTHER 
WARRANTIES, EXPRESSED OR IMPLIED, RELATING TO ITS 
PRODUCTS, INCLUDING IMPLIED WARRANTIES OF 
MERCHANTABILITY AND FITNESS FOR USE. In no event shall 
Vanguard be liable to the Customer for any damages, including any lost 
profits, or other incidental or consequential damages arising from the use 
of Vanguard's products. 
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Introduction 

ezRESET RDI 

When users forget their password and cannot logon, they may not be able to 
get access to their desktop in order to use a web browser, or logon to the 
mainframe. Using ezRESET RDI will resolve their problem. 

ezRESET RDI is installed on an installation's domain controllers (DCs), both 
Primary and Backup. There is no need to install any software on the users 
desktops, making this a very simple way to distribute this solution. The 
administrator installs ezRESET RDI and specifies an account that is to be 
used by the end user(s) when they want to reset their password directly from 
the desktop, without having to logon. In this case, we will presume the 
account is RESET, with a password of RESET. 

When the user attempts to logon using the RESET account, ezRESET RDI 
will intercept the logon. It will recognize this as a request to do a reset. The 
logon will be cancelled and a small amount of code will be run on the users 
desktop. This code will provide an interface to ezRESET so that the user 
can have their ID reset. 

This cost and timesaving solution prevents installations from having to install 
a thin-client on each desktop, or using telephony type of interfaces, which 
can be costly and not always reliable. 
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Installing ezRESET RDI 

Requirements 

Windows NT 4.0 or Windows 2000 PDC, with Domain Administrator Account 
(User Name and Password). 
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Vanguard ezRESET RDI 
Installation Process Checklist 

The following checklist is provided to help ensure that all the necessary steps needed 
to install and use Vanguard ezRESET RDI have been accomplished. You should 
refer to the information below while performing the procedures in this checklist. 



□ 


Step 1 


Determine that TCP/IP communications between the users desktops 
ana your riui pianorm can oe estaDiisnea. use tne I Ur/ir PlNCa 
command to verify that there is communication. 


□ 


Step 2 


Review the documentation 


□ 


Step 3 


Verify that Windows NT 4.0 Server (Service Pack 4 or above) or 
Windows 2000 is installed. 


□ 


Step 4 


Determine that your Administrator has access to NT 


□ 


Step 5 


Copy the RDI files 


□ 


Step 6 


Install ezRESET RDI 


□ 


Step 7 


Configure the RDI component 
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Installation 

To install ezRESET RDI, perform the following steps: 

1 . Run the supplied ezRESETRDI.exe on the PDC(s) where ezRESET 
RDI will be installed. This will extract the setup files into a 
temporary directory. 

2. Run the SETUP.EXE from the temporary install directory into the 
desired directory. The ezRESET RDI Configuration dialog box will 
be displayed. 



ezRESET RDI Configuration 



IP/Host Name 



Port 



Add/Edit 



Delete 



-Config Status- 



Enter code to activate ezRESET RDI: 



resRESET RDI Service Administrative Account: 
Admin Account Name: 



Password: 
Update Service Admin Account 



ezRESET Account Name and Password- 
ezRESET Account: |""~ " 



Password: 



: Create ezRESET Account 



OK 



Cancel 



Help 



HHE3 



3. Click Add/Edit on the ezRESET RDI Configuration panel to 
establish the Host Settings information required to identify the 
server where users will reset their password. The dialog box shown 
below will be displayed. 

This requires entering the IP/Host Name and Port for each host 
(one primary, zero or more backups) where users will reset their 
password. This information will initially be empty. After this 
information is established, multiple hosts can be populated in these 
fields. 
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Installation, cont'd 



ezRESET RDI Configuration 



TCP/IP Settings- 
C Host Name; 
<?■ IP Address: 
Port: 

Add 



Change 



delete 



IP/Host Name 



Port 



OK 



Cancel 



4. Update the TCP/IP Settings on this panel as described below: 

The information entered will most likely be the same as that defined 
when configuring the ezRESETWJeb Site. 

T TCP/IP Settings 

Enter the TCP/IP information for the specific platform. You 
may specify a Host Name or a specific IP Address, and the 
Port Number. 

5. Click on Add to add an entry to the list, 
-or- 

Click on Change to change an entry in the list while that entry is 
selected. 

-or- 

Click on Delete to remove an entry from the list. 

You may make multiple entries. The first entry in list will be tried 
first, if that entry is unavailable the next in the list is tried and so on 
until a host is reached or it is determined that none are available. 

6. Enter code to activate ezRESETRDI 

This code will be provided by Vanguard Integrity Professionals 
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Installation, cont'd 

7. Enter the ezRESET RDI Service Account Settings. 

▼ Service Account and Password 

Service Account and Password is required for ezRESET RDI 
to get access to workstations in the domain. The 
information entered, Account Name and Password, is not 
stored by ezRESET RDI. 

This must be a Domain Administrator account and requires 
the "Logon As A Service" right. 

Upon running the ezRESET RDI configuration utility, if an 
account name is in the Service Account field, it has been 
extracted from the Service Control Manager. 

Click the Update Service Admin Account button to process. 

8. Enter the ezRESET Account Settings 

▼ Reset Account and Password 

The Username of the account by which a user will logon to 
trigger a "password reset". Users will not be able to perform 
a logon with this account, it will be controlled by ezRESET 
RDI. 

If you uninstall ezRESET RDI, you will be given the option to 
remove this account so that it cannot be used. 

The account can be created (with the Create Reset Account 
button) or can already exist. 

Password is only required for an account that is to be 
created. If the account already exists you need only enter 
the Username. 

Click the Create ezRESET Account button to process. 

9. Reboot the Machine 

You may now reboot the machine and ezRESET RDI will be ready 
for use. You can test that it is working by attempting a logon using 
the specified Reset Account and Password 

Post Installation Reconfiguration 

After the product has been installed, you may want to reconfigure the existing 
setup. To do so, run the supplied ezRESETRDIConfig.exe. The ezRESET 
RDI Configuration dialog box shown on page 4 will be displayed which will 
allow you to make the appropriate changes. 
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Using ezRESET RDI 

Resetting Password 

When users have forgotten their password and cannot access their desktop 
to get to the ezRESET web site, it will be necessary for them to use the RDI 
to reset their password. 

This is accomplished by using the ezRESET account defined in the 
ezRESET RDI configuration. The user will "log on" using the ezRESET 
account and password (in this case we will presume the account is RESET, 
with a password of RESET). The logon will be denied, but this act of logging 
in using the RESET account will trigger the RDI to be run on the user 
desktop and the following dialog box will be displayed on their machine: 



ezRESET 



EnterYourUserid: 



OK 



Cancel 



The user will then enter their UserlD and (if they have already registered) will 
then be shown a dialog box with their questions to be answered: 

The user then answers their question and optionally enters a Default 
password, presses OK and (if they answered their questions correctly) their 
password will be reset to their Default. 



ezRESET ROI 
Quetfrail: 



Aruww 2: 

I 



"Optional 
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Why a Need: We had need to ran a program on a users desktop (in this particular case, to 
allow the user to reset their own password) without the user having to log in to their 
machine. Running a program in the secure desktop (the screen with "Press Ctrl + Alt + 
Delete to log on") is fairly simple, but our problem extended a little further. We did not 
want this program to be stored on the users desktop. Therefore we had need to allow the 
user to run a program at will that was not stored on their own machines and without 
requiring them to log on. 

The necessity for these requirements are as follows: We have need of allowing a user to 
run a program at will without logging in - this is necessary as the program in this case 
allows a user to reset their own password, and the most likely instance of this being used 
by a user would be when they can not log on to their machines (because of a forgotten 
password for instance). We do not want to have our software stored on each users 
desktop as this adds an undesirable amount of potential maintenance plus installation 
time for organizations with large numbers (thousands) of users. 

Therefore we had need to develop a system that, after certain conditions are met installs a 
program on a remote machine that will remove itself without trace after execution is 
completed. 

Current State of the Art: Currently there is no method of running a program on a remote 
machine if that program does not exist on said machine. 





Walkthrough: 



1) Login attempt is captured by the RDI Subauth. 

2) We compare the user name of from the login attempt to a stored value know as the 
"Reset Account Name". If the names match go on to 3b, if not go to 3a. 

3a) If the names match then we know a Reset is being attempted. First this we want to 

do is deny the "Reset" account access to the computer. 
3b) Continue with normal NT login, our program goes back to a wait state to wait for 

next logon attempt. 

4) The next this we need to gather info on where this attempt is originating from so get 
capture the Workstation Name. 

5) Next we need to communicate with the RDI Server running as a service on the PDC 
of the Domain of witch the Workstation is a member of. 

6) If communication cannot be established go to 7a, otherwise go to 7b. 

7a) Communication established so we send the Workstation information to the RDI 
Server. 

7b) If we cannot communicate with the RDI server they it may not be installed on that 
PDC, report an error and quit. 

8) The RDI Server (running as a service) receives the Workstation information from the 
RDI Subauth. 

9) The RDI Server will then create a thread to handle further processing and then wait 
for further connections. 

10a) The RDI Server Thread will then attempts to connect to the Workstations Registry 
and save Configuration information. If this is successful go to step 11a otherwise go 
to 10b. 

10b) If the install of configuration does not complete successfully then we remove any 

data that did get installed on the remote workstation, sever the connection and quit. 
1 la) If configuration information was installed correctly we copy the RDI Program file to 

the remote machine using a well known administrative share. If this is successful go 

to 12a, otherwise go to 1 lb. 
1 lb) If the file copy was unsuccessful we remove all Configuration info we have installed 

on the Workstation and quit. 
12a) If the file was copied successfully, we access the Workstations Service Control 

Manager (SCM) and install the RDI Program as a service. Success go to 13a, failure 

go to 12b. 

12b) On failure to install as a service, we remove the program file copied previously, and 

all the configuration information and quit. 
13a) On success of installing to program as a service we then attempt to start the service 

(which will start the program). On success go to 14 else go to 13b. 
13b) On failure of the program to start we remove the program as being a service, remove 

the program file itself and remove the configuration information then quit. 

14) The RDI starts successfully, our thread quits. 

15) Our program executes, pops up an interface to the secure desktop (where you press 
Ctrl + Alt + Delete). 

16) The program finishes all tasks, it then removes itself from being a service, removes 
all configuration information, and finally removes itself, the program file and quits. 



